CVE Catalog

CVE-2025-3360

LowCVSS 3.7
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.42%

33th percentile — higher than 33% of all known CVEs

Summary

A flaw was found in GLib where an integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

Risk Assessment

An attacker could exploit this vulnerability to cause application crashes (denial of service) or potentially leak sensitive memory contents.

Recommendation

Immediately update the GLib library to a patched version and apply available security fixes.

Original NVD description (English source)

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS